InsightsonAIsecurity,agenticsystems,clouddefense,andmodernredteaming—curatedbytheCrackenteam.
Sandboxing your agentic pentester feels safe — until it isn’t. We put Claude Code under the microscope, sandboxed and not, and show how manipulating the agent’s reasoning runs an untrusted binary past Seatbelt and bwrap — no sandbox escape required.
Every cybersecurity firm now ships an autonomous pentest agent — but can you trust one to run loose on your machine? We built a honeypot and turned four leading agentic red-teamers against themselves: indirect prompt injection, reverse shells, and full host compromise.
AI crossed a threshold with Mythos. Cracken CEO Artem Sorokin breaks down what actually changed, why reactive security is no longer viable, and how CISOs should operationalize adversarial exposure validation across the full kill chain.
AI “digital staff officers” transform cyber capacity in DDIL. This new framework aligns human intent, agent orchestration, Moving Target Defense, and PETIO for resilient, continuously validated cyber operations.
The OpenClaw hype is real. We unleashed an AI agent on top of forensic foundations (Volatility, TSK, VirusTotal) and watched it uncover real breakthroughs — even a reverse shell — without being told where to look.
Attackers don’t guess. They test. Cracken weaponizes defense with adversarial AI that proves what’s exploitable—right now. Less noise. More truth. Release the Cracken.
Anthropic showed tiny poisoned samples can implant backdoors in LLMs. I replicated this with GPT-2 using 50 poisoned examples, proving how easily training data tampering can compromise a model.
How abliterating cybersecurity refusal collapsed nearly every safety domain — despite near-zero vector similarity except for the one that shared the most overlap
Agentic AI doesn’t hack, it learns. It studies your CNAPP reports, predicts your playbook, and rewrites your defense before you wake up. Posture won’t save you.